security-review-owasp-deserialization

Community

Stop unsafe deserialization before release

Authorsjinks
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps reviewers find unsafe deserialization paths that can lead to remote code execution, gadget-chain abuse, or arbitrary type materialization.

Core Features & Use Cases

  • Reviews native object streams, pickle, unserialize, binary serializers, and polymorphic type handling.
  • Checks request handlers, queues, file loaders, caches, and database reads that accept untrusted serialized data.
  • Useful when validating library configuration, class allowlists, custom deserializers, signed payload handling, or migrations away from native object serialization.

Quick Start

Ask the skill to review the specified code, configuration, or service for deserialization risks and focus it on the relevant language or files.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: security-review-owasp-deserialization
Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-deserialization

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.